I know DNS is not secure, but it is still so bad that you can just have an access point with a hosts file that points www.banksite.com to a server in your house that serves a clone of the banking site in plain http and there would be no way for the user to tell the difference except for the absence of the lock icon in the url bar?
Name:
Anonymous2015-06-25 21:34
>>11 We would just designate someone to maintain the list and pitch in additions as they come by. The problem is keeping track of domain changes(the owner would usually do this), keeping away phishing, and having to update manually. But it would totally be possible. >>12 It's all about the lock.